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(57) Dans un r^seau k commutation par paquets, comme 
un r6seau du type relais de trame, qui comprend des 
ressources reseau compos^es d 'dl6ments r6seau et 
jj'equipem^t client int€Tconnect6s par.un ou plusieurs 
trajets, un r6seau priv6 virtuel (VPN) est constitu6 au 
niveau au-dessus du reseau & commutation par paquets et 
comprend des parties s61ectionn6es des ressources du 
reseau a commutation par paquets. Le VPN est une 
collection de noeuds et de trajets virtuels (VP) et 
comprend un ou des circuits virtuels (VC), chaque VC 
6tant une connexion logique entre des ^l^ments 
terminaux VC qui pcuvent etre des el&nents reseau et de 
r^quipement des installations client. Les segments des 
VC peuvent Stre achemin^s par les VP. chaque VP 6tant 
une connexion logique ^tablie entre deux Elements 
terminaux situ6s sur les Elements de Tun ou I'autre des 
rdseaux ou sur T^quipement des installations client. Un 
ou des VP sont multiplexes sur un trajet physique (PP). 
Chaque VP se voit attribuer une largeur de bande 
garantie (VP-CIR), et chaque VC sur un VP se voit aussi 
attribuer une largeur de bande (BP-CIR) 6gale ou 
sup6rieure k z6ro. Les paquets d'information 4 
transmettre sur un VC comportent un champ d'adresse 
unique pennettant I'identification des VC et des VP 
associ^s au VPN sur lequel les paquets d'information 
vont transiter. Le contrdle de congestion et la gestion 
sont effectu^s sur une base par VPN, de sorte que la 
congestion hors d'un domaine logique de VPN n*influe 
pas sur la performance de ce VPN. 



(57) In a packet switching (packet-based) network, such 
as a frame relay (FR) network, which includes network 
resources made up of networked elements and customer 
premises equipment interconnected by one or more, 
physical paths, a Virtual Private Network (VPN) is built 
above the underlying packet-based networkand includes 
selected portions of the packet-based network resources. 
The VPN isa collection of logical nodes and virtual paths 
(VPs) and includes one or more virtual circuits (VCs), 
each VC being a logical connection between VC 
terminators including network elements and customer 
premises equipment. Segments of the VCs are carried by 
VPs, each VP being a logical connection established 
between two VP terminators which are located in either 
network elements or customer premises equipment. One 
or more VPs are multiplexed on a physical path (PP). 
Each VP is allocated a positive guaranteed bandwidth 
(VP-CIR), and each VC on a VP is also allocated a 
bandwidth (VC-CIR) greater than or equal to zero. 
Packets of infonnation to be transmitted over a VC are 
provided with a unique address field to thereby identify 
the VCs and VPs associated with the VPN over which 
the packet of infonnation will travel. Congestion control 
of the network is provided such that congestion control 
and management are carried out on a per VPN basis, and 
congestion outside of a VPN's logical domain does not 
affect the performance of the VPN. 
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1. A packet-based network for providing virtual private networks, each 
virtual private network carrying traffic associated with a particular customer of the 
packet-based network, the traffic including packets for transmission via the packet- 
based network, the packet-based networic comprising: 

. a plurality of network elements, each being interconnected to at 
least one other network element by a physical path; 

a plurality of customer prenuses equipment, each being 
interconnected to a network element by a physical path; 

at least one virtual path, each being a logical connection between 
two virtual path terminators; 

at least one virtual circuit, each being a logical connection 
established between two virtual circuit terminators, wherein packets are transmitted 
by said virtual circuits between the virtual circuit terminators; 

wherdn the virtual private network includes a collection of packet- 
based network resources including respective network elements, customer premises 
equipment, virtual paths and corresponding virtud circuits; an^^ - - 

identification means contained in the packets of a respective 
customer having a virtual private network for identifying the respective virtual 
circuits and virtual paths used by the virtual private network to which the packets 
are associated. 

2. A packet-based network according to claim 1, wherein said 
identification means is a local identifier of the respective virtual circuits and ^ 
virtual paths used by the virtual private network, and wherein the packet-based 
network further includes means for updating said identification means during 
transmission of the packet of a respective customs within the packet-based 
network. 
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3. A packet-based network according to claim 1, wherein: 

each virtual path is made up of at least one virtual path segment which Is a 

portion of a virtual path using a particular physical path; and 

each virtual circuit is made up of at least one virtual circuit segment which 

is a portion of the virtual circuit carried by a virtual path between two adjacent 

network elements, between two adjacent customer premises equipment, or between 

adjacent network elements and customer premises equipment 



4. A packet-based network according to claim 3, wherein virtual 
circuit and virtual path terminators include both network elements and customer 

10 premises equipmrat. 

5, A packet-based network according to claim 1, whcrdn said 
identification means includes an address Held having a fixed length virtual circuit 
identifier field and a fixed length virtual path identifier field to uniquely identify 
the virtual circuit and virtual path over which the packet of information will travel 

15 - — 6, - A packet-based network according to claim 1, wherein said- 
identification means includes an address field made up of variable length subfields 
including a class type field, a virtual path identifier field and a virtual circuit 
identifier field to uniquely identify the virtual circuit and virtual path over which 
the packet of information will travel, said class ^rpe field identifying the length of 
20 the virtual path identifier field and virtual cucuit identifier field. 



7. A packet^based network according to claim 1, wherein said ^ 
identification means includes an address fidd in said packets, said address field 
bdng an integrated field which identifies virtual paths and virtual circuits over 
which the packet of information will travel, said integrated field being encoded to 
25 uniquely identify how a fi:ame of information is switched within said network 
elements. 
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8. A packet-based network according to claim 7, whCTein each network 
element includes a connection table which identifies how a packet is routed within 
the network element based on the value of the integrated address field. 

9. A packet-based network according to claim 1, wherein each virtual 
path on a physical path of the network is allocated a respective positive guaranteed 
bandwidth, and wherein when congestion occurs on a physical path, only a virtual 
path using bandwidth greater than the respective positive guaranteed bandwidth is 
requu-ed to reduce submission rate of packets onto the network. 

10. A packet-based network according to claim 9, wherein the 
bandwidth utilization of each virtual path within the virtual private network is 
monitored, and wherein when one virtual path is utilizing less than its respective 
positive guaranteed bandwidth, any excess bandwidth is equally shared among the 
remaining virtual paths on a respective physical path in proportion to the 
respective positive guaranteed bandwidth of the remaining virtual paths with 
respect to a total bandwidth of the respective physical path. 

11. A packet-based network according to claim 9, wherdn each virtual 
circuit is provided with a virtual circuit bandwidth on a respective virtual path, 
and wherein even if the physical path utilized by a virtual circuit is congested, if 
the respective virtual path is Hghdy loaded, the virtual circuit can utilize 
bandwidth at least equal to or greater than its virtual circuit bandwidth. 

12. A packet-based network according to claim 1, further including 
means for establishing a virtual path within the packet-based network locally at 
each network element traversed by the virtual path, said means for establishing a 
virtual path including: 
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means for identifying an outgoing physical path from a network 
element with available bandwidth to support a guaranteed bandwidth of the virtual 
path and able to support a number of virtual circuits carried by the virtual path; 

means for reserving resources on the physical paths, the reserved 
resources being indicative of the virtual path bandwidth and number of virtual 
circuits carried by the virtual path; and 

means for updating a connection table in the network elemrat by 
mapping incoming virtual circuits and virtual paths to respective outgoing virtual 
circuits and virtual paths. 

13. A packet-based network according to claim 12 further including 
means for establishing a virtual circuit within a virtual private network including: 

means for identifying a respective virtual path towards a destination 
having at least the available bandwidth required by the virtual circuit and an 
unused virtual circuit segment; 

means for reserving resources for the virtual circuit on the 
respective virtual path, the reserved resources for the virtual circuit being 
indicative of the virtual circuit bandwidth and the virtual circuit segment oh the 
respective virtual path; and 

means for updating the connection table within the network element. 

14. A packet-based network according to claim 12, further including 
means for establishing a signalling virtual circuit on each virtual path, 

15. A packet-based network according to claim 1, further including a 
physical service access point for each respective physical path which multiplexes 
all packets to be transmitted on the respective physical path, the physical service 
access point including a physical path queue which is served at a physical path 
rate, the physical path queue being shared by all virtual paths multiplexed on to 
the respective physical path. 



40 



16. A packet-based network according to claim 15 wherein a physical 
path congestion threshold is determined based on the maximum amount of packets 
stored in the physical path queue and waiting for transmission on to the respective 
physical path, and wherein a congestion notification is provided to each of the 
virtual paths multiplexed onto the respective physical path in response to the length 
of the physical path queue exceeding the physical path congestion threshold. 

17. A packet-based network according to claim 16 wherein said 
congestion notification includes an additional bit in each packet. 

18. A packet-based network according to claim 16 wherein said 
congestion notification includes a signaling frame transmitted from the physical 
service access point to each of tiie Virtual patiis multiplexed on the physical service 
access point. 

19. A packet-based network according to claim 16 wherein; 

each of ttie virtual paths multiplexed onto the respective physical path is 
allocated a corresponding positive guaranteed bandwidth; - - 

tiie sum of tfie positive guaranteed bandwidtii for all of ttie virtual patfis 
multiplexed onto the respective physical, patii is less ti)an a total bandwidtii of tfie 
respective physical patii, and 

in response to said physical patii congestion notification, each virtual patii 
multiplexed onto tfie respective physical paUi reduces tfie submission rate of 
packets to tfie physical patii queue to a level no greater tiian tfie corresponding 
positive guaranteed bandwidth. 

20. A packet-based network according to claim 16 further including a 
vbtual patfi service access point for each respective virtual patfi which multiplexes 
all packets to be transmitted on tfie respective virtual patfi from virtual circuits, tfie 
virtual patfi service access point including a virtual patfi queue which is served at a 
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virtual path rate, the virtual path queue having a congestion threshold indicative of 
a maximum allowed virtual path queue length, the virtual path service access point 
providing a virtual path congestion notification to the virtual circuits carried by the 
respective virtual path in response to the length of the virtual path queue exceeding 
the virtual path queue threshold. 

21. A packet-based network according to claim 20 whereui: 

each of the virtual circuits multiplexed onto the respective virtual path is 
allocated a corresponding virtual circuit bandwidth; 

Uie sum of the virtual circuit bandwidth for all of die virtual circuits 
multiplexed onto tfie respective virtual path is less Uian a guaranteed bandwidth of 
the respective virtual path, and 

in response to the virtual patii congestion notification, each respective 
virtual circuit multiplexed onto tiie respective virtual patii reduces tiie submission 
rate of packets to tiie virtual patfi queue. 

22. A packet-based network according to claim 21, wherein in response 
to persistence of said virtual path cohgestion notification after the reduction of the 
submission rate by each respective virtual circuit, each respective virtual circuit 
incrementally reduces submission rate until said virtual patii congestion notification 
is removed, the respective virtual circuit only reducing submission rate to a level 
no greater tfian tiie corresponding virtual circuit bandwidtii. ' 

23. A packet-based network according to claim 1 wherein a pseudo 
virtual patii is provided on each physical patfi to carry traffic not associated witii a 
virtual private netwoiic. 

24. A pactet-based network according to claim 23, wherein each virtual 
patfi and flie pseudo virtual patfi on a physical pafli of tfie network is allocated a 
respective positive guaranteed bandwidtii, and wherdn.when congestion occurs on 
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a physical path, only a virtual path or pseudo virtual path using bandwidth greater 
than the respective positive guaranteed bandwidth is required to reduce submission 
rate of packets onto the network. 

25. A packet-based netwodc according to claim 24, wheidn the 
bandwidth utilization of each virtual path within the virtual private network is 
monitored, and wherein when one virtual path is utilizing less than its respective 
positive guaranteed bandwidth, any excess bandwidth is equally shared among the 
remaining virtual paths on a respective physical paUi in proportion to the 
respective positive guaranteed bandwidUi of the remaining virtual paths with 
respect to a total bandwidth of the respective physical path. 

26. A packet-based network according to claim 24, wherein each virtual 
circuit is provided witii a virtual circuit bandwidth on a respective virtual path, 
and wherein even if tiie physical patii utilized by a virtual circuit is congested, if 
the respective virtual path is lightty loaded, the virtual circuit can utilize 
bandwidtii at least equal to or greater tiian its virtual circuit bandwidth. 

27. A packet-based network according to claim 1, further including: 

a general network control center (GNCC) for controlling tiie packet-based 
network; 

at least one virtual private network control center (VNCC), each respective 
VNCC being associated with a corresponding virtual private network; and 

mediation means located between tiie GNCC and each respective VNCC 
for enabling communications therebetween; 

wherein for communication from the GNCC to the respective VNCC said 
mediation means filters messages recdved from tfie packet-based network to 
ensure that GNCC messages are properly formatted for ttie respective VNCC and 
passes to tiie respective VNCC only tfiose messages which pertain to traffic of tiie 
corresponding virtual private network; and 
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wherein for communication from the respective VNCC to tiie GNCC said 
mediation means screens VNCC messages to ensure the VNCC messages are 
properly formatted for the GNCC md to ensure that the VNCC messages are 
restricted to the packet-based network resources assigned to the corresponding 
virtual private netwoiic. 



44 



This Page is Inserted by IFW Indexing and Scanning 
Operations and is not part of the Official Record 

BEST AVAILABLE IMAGES 

Defective images within this document are accurate representations of the original 
documents submitted by the appHcant. 

Defects in the images include but are not limited to the items checked: 

□ BLACK BORDERS 

□ IMAGE CUT OFF AT TOP, BOTTOM OR SIDES 

□ FADED TEXT OR DRAWING 

□ BLURRED OR ILLEGIBLE TEXT OR DRAWING 

□ SKEWED/SLANTED IMAGES 

□ COLOR OR BLACK AND WHITE PHOTOGRAPHS 

□ GRAY SCALE DOCUMENTS 

r^sLINES OR MARKS ON ORIGINAL DOCUMENT 

□ REFERENCE(S) OR EXHIBIT(S) SUBMITTED ARE POOR QUALITY 

□ OTHER: 

IMAGES ARE BEST AVAILABLE COPY. 
As rescanning these documents will not correct the image 
problems checked, please do not report these problems to 
the IFW Image Problem Mailbox. 



